An unCas thing to do?
Nicholas Faiz
nicholas.faiz at gmail.com
Tue Dec 16 21:46:22 EST 2008
Scott,
Thanks for the reply. See below for my responses.
Scott Battaglia wrote:
>
>
> * Each application in the SSO network will be, in effect, a
> CASProvider?
> This lets each application manage the username/password for the their
> member, and they can operate independently of the SSO network if need
> be, but CAS can also know how to query it during authentication.
>
>
> In general, CAS works best if you have a single username/password
> combination (otherwise how do you know its the same person across all
> applications).
>
>
That's the case here. The CAS server has an authentication
implementation which knows how to ask each CAS provider to authenticate
the user. Only one will know about the user. We use an email and
password for authentication, so we can ensure that uniqueness.
>
> In our case, the applications are all Rails applications. I'm
> currently
> experimenting with rubycas-server which is probably not suitable for
> production (we estimate a large, international userbase). Does anyone
> have recommendations for a good opensource CAS server?
>
>
> Yes, http://www.ja-sig.org/products/cas/ :-) As long as you're okay
> with Java.
>
Yes, I'm okay with Java, a bit down on it these days after having moved
to Ruby, but we can work with it.
Regards,
Nicholas
>
> Regards,
> Nicholas Faiz
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
More information about the cas
mailing list